investigate findings
Closed this issue · 0 comments
joshhighet commented
continue analysis against matches when sub-processors return findings
an idea - needs to be fleshed out.. some confidence-scoring system will likely required before aimlessly probing potential matches
this could include things such as;
- if etag match found, correlate against other identifiers on the target to raise confidence
- using hidden service address as host header to the discovered asset (same for referrer)
- enrich found assets with pdns history from the likes of securitytrails